Security Groups Tout Chain of Trust Initiative to Combat Malware

The Chain of Trust cyber-security initiative aims to link together all organizations and individuals that play a role in securing the Internet.

Three cyber-security groups said May 19 they are launching a new initiative
applying many of the same approaches used to bring nuisance adware under
control, a chain-of-command plan for "all organizations and
individuals that play a role in securing the Internet."
Developed by the ASC (Anti-Spyware Coalition), NCSA (National Cyber Security
Alliance) and StopBadware.org, "the Chain of Trust Initiative will link
together security vendors, researchers, government agencies, Internet
companies, network providers, [and] advocacy and education groups in a systemic
effort to stem the rising tide of malware," the groups said in a news
release.

"Strong security in any one organization or sector is not enough to combat
an agile, fast-evolving threat like malware, which exploits security breakdowns
between entities," Ari Schwartz, ASC coordinator and vice president of the
Center for Democracy & Technology, said in a statement. "We all need
to work together to build a system that can withstand and repel the next
generation of exploits."

The group's first step will be to "map the complex, interdependent network
of organizations and individuals that make up the chain" in hopes of
identifying all its vulnerabilities, it said in the release. "ASC, NSCA
and StopBadware.org will lead the mapping effort and jointly develop ideas and
initiatives to form stronger bonds between links in the chain."

"Organization and collaboration are our best tools against an enemy that
doesn't play by any rules," StopBadware.org Manager Maxim Weinstein said. "Just
by [the] nature of how the Internet works, malware distributors have a
technological advantage, but we can respond by strengthening our shared
networks and by better understanding our shared responsibilities."